More State-Sponsored Hacking

After the New York Times broke the story of what seemed to be a state-sponsored hack from China against the newspaper, the Register has stories of two similar attacks: one from Burma and another from China.

Actually Clive, the biggest news story in Australia right now is just that. An Australian citizen died (likely killed by Mossad) in an Israeli gaol for leaking secrets from Israel to the Australian spy agency.

Not cyber-espionage, but old fashioned plain-espionage. We are so used to seeing the latest version of the 'yellow peril' in the news (hacking from China) that this revelation has been front page news for days. In the global us and them, Israel was supposed to be 'us' even though most Australians don't agree with how Israel treats its neighbours.

Seems simple. Because I'm willing to bet that China is seeing the same behavior to their own systems, but then coming from Europe or the US.
Cyber-espionage is simply a must, just as much as traditional espionage.
And with proxies you can make it appear to come from everywhere. Heck, it could even be the US government hacking itself and then pointing fingers at China.

Most hotels have wifi, and botnets don't care about national borders. It's simply too easy to hide your origin if your internet proxy chain crosses countries that refuse to cooperate on investigations. At least, if you have a modest amount of competence.

Also ended up answering your last question. Europe & US cooperate on cyber-attack investigations (or at least the NATO members). China doesn't.
Any European hacker surely won't use his own line, and the US surely won't accuse Europe for hacking if a botnet or proxy is proven. In the end it's just a matter of politics.

@Ari
And a Russian couple staying in Germany have been indicted for espionage (years of stealing NATO secrets iirc).

I'm glad we still have diplomacy and politics in this world, otherwise we would've killed each other by now.

Actually Clive, the biggest news story in Australia right now is just that.

I guess you are referring to Prisoner X, (Ben Zygier) who supposedly killed himself in a suicide proof jail cell in Israel back in 2010 after being interned by the Israeli Security Services. He was (allegedly) working for Mossad, and we know he was "publicly outed" via a journalist --tipped off by an Israeli contact-- after having been questioned by the Auz Security Services (ASIO/ASIS) about the fact he had changed his name 4 times in ten years. This was shortly after the Senior Hamas person was assassinated by Mossad in Dubai for which Australian Passports (amongst others) had been used. The journalist's contact named Ben and two other dual nationality Auz-Israel persons who had set up an electronics company in Europe to sell electronic equipment into places like Iran, and it has been suggested Ben was involved with Stuxnet. A further allegation as to why Ben was arrested was that feeling himself to be in danger he had cut a deal with Dubai so he could escape from ASIO/Mossad and had revealed who the assassins were as part of the deal. It's also been suggested that Ben revealed details of an up and coming major Mossad operation in Italy (another assassination has been hinted at) to ASIO who had in effect "turned Ben".

Bruce has posted about both Stuxnet and Dubai in the past. The problem is most people are not seeing the connection with what is now called Cyber-espionage/war and old fashioned intel gathering which in reality is usually not "James Bond with gadgets" but hard core investigative journalism. Israel is known for sending out "snatch" and "murder" squads around the globe as an instrument of state policy. Whilst Russia is known to do the same, and the US makes occasional complaint of this, Israel they give multiple billions of funding and block any UN sanctions being raised against Israel for their "Acts of War" or "War Crimes" (as defined by international agreement and various treaties).

Hopefully a thought should now happen in people's heads, which is,

What is the difference between Mossad recruiting people from non Israeli countries and sending them out to other countries to kill citizens of other countries for political reasons, and the likes of Osama Bin Laden and AQ doing the same?

And is the old saying "My Country Right or Wrong" even valid in this modern globalized world?

As I've said here in the past, the question of "freedom fighter" or "terrorist" is a matter of viewpoint, and some viewpoints are that Israel is the "promised land" whilst others regard it as the "first modern Terrorist Nation", setup by the US & Britain for political reasons. Such viewpoints are hard to reconcile as are the conflicts in that part of the world, and as 9/11 and 7/7 and a whole host of other incidents has shown it is now no longer regional but global and affects us all in ways nobody can currently stop. Sadly rather than act to resolve these issues various nations are just using them as an excuse to set up new faux markets for the "favoured few" who know in turn who to grease to keep that gravy train rolling at high speed.

@ Nick P,

Is this a slip or is UK that much looser with language? Most mainstream US media groups would at least censor the letters. (I've heard of topless news in UK, too, so it wouldn't entirely surprise me)

The answer lies with another Australian who is alas very much alive... That is you should ask the "Dirty Digger" Rupert Murdoch who controls "News International" that owns many US and UK news outlets, to the detriment of many, and the criminality of a goodly number of his now ex-employees whose collars have been felt by members of the Met Police and are awaiting prosecution and hopefully significant incarceration.

Unfortunately for the Met it also requires them to do some house cleaning as well as many current and Ex Met employees at very high levels have been "filling their boots" from the Murdoch bank accounts and several have been or are in the progress of being prosecuted...

I can only assume that as the "pack leader" is the same that the "pack animals" behave similarly on both sides of the puddle and you might get to hear of News International Employee criminality in the US...

Cyber-espionage is simply a must, just as much as traditional espionage.

Yes it is in effect a "given", however my concern is why do we see it painted --to use that old term-- as a "Yellow Peril" rather than what all capable nations do to each other.

Is it just a passing phase as once was "Red's Under the Bed" with Russia during the "Cold War" or is it the build up to something else?

It concerns me because I lived through a chunk of the Cold War Paranoia and found out much to dislike about the "Governmental -v- Civilian" mindset of turning virtually entire nations into "cannon fodder" or "Ash City". A study of the "Cuban Missile Crisis" shows how a "We are the good guys no questions to be asked" and "might is right" mind sets can lead to near disaster. History tends to show that in fact the CCCP/USSR political mindset was more often than not the stabilizing effect on US/West rhetoric and saber rattling. Whilst we saw them as "The Russian Bear" they regarded the West as either a pit of "Rattle Snakes" or a pack of "Rabid Dogs".

We appear for various reasons to be trying to push China into the same mold which is not a sensible thing to do. That is the US appears stuck in a 1950's political mindset and are rapidly turning into an Orwellian "Us -v- the rest of the world" bunker mentality nation much as Israel currently is, and a few other Western nations who should know better are still clinging to the US apron ties encouraging the US along like "happy clappy" sycophants.

One side effect of this is that we can see China is responding to the US saber rattling. China had adopted the idea of strengthening economic ties to promote stability and had invested heavily in the US economy in various ways. Whilst they are still doing it, their direction has changed; it's now a case of not "buy in" but "drag it over". But China has started to devote more of its resources to external offense/defence weaponry than it has in the past and appears to be "digging in" against a potential US attack.

What makes it worse is the way the US has been stirring it up between North and South Korea. As some will know technically the North and South are still at war and have been since the 1950's. As a divided country Korea has a problem or two. The North is economically "dirt poor" despite having significant human and mineral resources and manpower whilst the South has a lack of both human and mineral resources but has technology and now some considerable wealth. It would be in the interests of the citizens of both halves of the nation to re-unite. However as far as the US and other major powers it would be undesirable to have them re-unite.

This has of course caused strange effects to arise one of which is the close liaison between North Korea and Iran and the cross transfer of dual use technology. Iran until Stuxnet popped up appeared ahead on uranium isotope separation and N.Korea on rocket technology. However Stuxnet caused the N.Koreans to "thumb their nose" at the US and invite nuclear inspectors in and show them more advanced centrifuges than Iran has. And as many will be aware just a few days ago carried out an underground test that many believe is for a small size uranium based nuclear war head capable of being mounted on their long range rockets they recently used to put a satellite into space ( http://n2yo.com/?s=39026 ).

Potentially N.Korea will be ICBM capable within a year, the question then becomes what will the US do. If past behaviour is any indicator they will give N.Korea an invite to the "top table" rather than have them "beyond the pale".

But both the North and the South have both had a change of leadership. The incoming South Korean Premier is of a vastly different mentality to her predecessor who would blame anything on the North and the leader of the North is young and so far not set in his ways.

Thus the question is will the US leave the Koreans sufficient space to come to their own relationship or will the US up the ante to the point where hostilities break out again and potentially develop into a full war, that would drag China back into the conflict?

One of the mistakes that Germany made during WWII which brought about their eventual downfall was to open up a second front in the East by attacking the Russians. The US currently has a self made war in the Middle East which they are trying to pull out of. Thus do they intend to pull back or go after Iran, and in either case do they really want to be opening up a second front with China via Korea?

Which ever the US are certainly talking up the "Yellow Peril" into another "Cold War" style opponent...

What is the difference between Mossad recruiting people from non Israeli countries and sending them out to other countries to kill citizens of other countries for political reasons, and the likes of Osama Bin Laden and AQ doing the same?

Because We're the good guys, and They're the bad guys. Anything We do is by definition good, and anything They do is by definition bad, especially when we do the exact same things.

Now, I'm sure AQ would say the same thing, except reversed and in Arabic. But who are you going to believe? I mean, They're the bad guys after all...

Most of your story reminds me of "The Sum of all Fears". 2002 movie with Ben Affleck and Morgan Freeman.

Appearing weak (or compromise) in politics is one of the easiest ways to lose your position. And thus many will choose the strong approach.
I believe the same thing happened after 9/11, not only several costly wars, but also the Patriot Act, which imho falls under the '"Governmental -v- Civilian" mindset'.
Bruce Schneier has stated on several occasions that there is for politicians no downside to overreacting and usually the cause for increased expense with little true gain.

In regard to China there is a complex matter behind it. Economically China is as much dependent on the West as we are on them.
And we don't like that, we don't like to be dependent on someone we don't have control over.
China, North-Korea and several other countries are a few that the US have little to no influence.
If there is an economic collapse, what do you guess happens next? Some kind of conflict will be inevitable. And both we and them want to be prepared right? Neither wants to get caught with their pants down.
(Please notice the 'China vs West' 'We vs them' in this paragraph)

Stuxnet certainly didn't help. It may not be the first cyberweapon fired, but it was the first public one. Basically the same story as the first nuke.
Stuxnet wasn't targeted at China, but the first nuke wasn't targeted at Russia either.

North vs South Korea. Yes I knew they are still effectively at war. But the chance of reunification is slim at best. Reunification may be possible in a century or so, but only if the South doesn't threaten the North, and the 'west' lets go of its control. I'm more comfortable with North-Korea having nukes and not use them, than Iran. As long as the South doesn't provoke, the North won't use the nukes and they will feel safer.
Basically what you talked about.
I think the US would be willing to let Korea be, for now, if China is willing to guarantee North-Korea defensive stance. If North attacks first, the South (+ maybe US) can retaliate. No one wants it to happen, but the conflict will probably end there. If the South provokes, China has to intervene, even if they don't want to. So it's the smart move just to let it be. North-Korea may hate the US, but at least they aren't religious about it.

Any open conflict between the US and China will cause massive economic issues. Something both will want to avoid at all costs.
The opposite is true, economic collapse has a reasonable chance to escalate into a conflict.
All that saber rattling is a preparation for that eventuality.

I do wonder what would happen if the US focused solely on its domestic issues.
Politically probably not supportable.

In any case, cyber-espionage and cyber-defense will be the hot topic for the coming decade.

What they basically did was to take marketing material from security consultants and post them on the front page of the NYT. The evidence that the PLA was behind the cyberspying was that the PLA happens to have a signals intelligence headquarters in the same district as the apparent source of the attacks. The report sarcastically asks if this is a coincidence, and it doesn't think too much about reasons it may be more a coincidence than the fact that a lot of US cybersecurity consultants are located near the Pentagon.

It turns out that the main submarine cable that connects China and the United States happens to go through Pudong.

which nicely explains why the PLA has an intelligence headquarters there. It also explains why you have so many hackers that are traced over to that neighborhood. Note that this doesn't mean that the hackers are actually in that neighborhood. They could be from anywhere in the Eurasian continent.

Personally, I'm pretty sure that the Chinese government is doing cyber-spying, but I think it's coming out of the Ministry of State Security rather than the military. It might seem like a minor distinction who is doing the spying, but it would make some difference if the spying was done by the Pentagon, the CIA, or the NSA, and it particularly matters so that you can (either figuratively or literally) drop the bombs on the right people.

Also, I don't think that the US is going to make too much of a fuss over this. The big problem is that international politics works via reciprocity. If the US loudly condemns Chinese cyberspying, then the US is setting itself to be condemned if it does similar things toward another country (say Iran). This might be worth doing if it turns out that the US is particularly weak at these things, but there's no reason to think that's the situation. I think it's more likely that the Chinese are amateurs if they are getting caught.

From what I can gather, it boils down to China having strong innovation problems. The US and other Western nations have strongly innovative systems.

Really, it plays out like a game of civilization. If your nation is ahead of all the other nations in innovation, in technology, you will have strong problems with spying and will need to beef up your counterintelligence. It is not very rewarding to spy very much because you are ahead of everyone else.

Or it plays out like a thief and homeowner. The homeowner has property and assets. They do not need to steal. The thief does not and does need to steal. Is the homeowner likely to become a thief and steal from the thief? No.

We had the same problems with Russia. I think everyone has likely heard the pros and cons of the Cold War. There was clearly some strong fearmongering going on there. There tends to be a strong right and a strong left viewpoint. There are historical viewpoints, hindsight viewpoints. And there is analysis people can make about "who was right then", "who was wrong then", and "why".

The right often overplayed the threat, the left often downplayed the threat. There are countless case studies from both.

Russia was lagging behind us during the Cold War. They were aggressive in commercial spying. They were not so great at it, but it was how they achieved much of their innovation.

(References, for instance, the series of books coming from the KGB archives via Mitrokhin.)

Right now... spying has exploded because of the information revolution, and it will continue to do so. It is easy to steal innovation for a nation state who is vested in their commercial interests. It is easy to control innovation and important deals. It is easy to steal commercial and defense information.

So it is happening.

Intelligence is all about information. So are computers. We are both in the Information Technology industry. :-)

Politicians will always take this data and play it to a variety of advantages, for their own careers -- and their own nations. But they will not discuss much of the secret information which goes on.

I am sure that President Obama would not have personally addressed this issue on a trip to China unless the evidence was more hard than "just" countless attacks that have the hallmarks of nation state interests and capabilities on them -- all of which could be forged.

There is secret human intelligence and there is secret technical intelligence.

Personally, I am all for China advancing in every way, but not by theft. They have to open their economy, they have to open their system. They have to run by inner competition which open systems provide.

They have done so a little and it has helped them a lot. But, because of deeply entrenched private interests (capitalism at its worst in communism, as always)... they refuse to continue to adhere to this model. It shoots their country in the foot in the short term and the long term. But it gives vast personal gains to those in power, in the short term.

Except that I don't think that China *does* have innovation problems. It's interesting to go to Shenzhen where you have lots of tiny stalls that are making various parts of cell phones, you have organized chaos, and then a strong government that includes some centralization to keep the chaos from going out of hand. So you have tiny stalls that do a lot of leg work putting together cell phones, and then you have the big state owned enterprises that create the networks on which the cell phones operate and then collect rent.

"From what I can gather, it boils down to China having strong innovation problems. The US and other Western nations have strongly innovative systems. "

You're getting at the goal. However, the first sentence is either false or only partly true. The Chinese have been getting plenty innovative when they want to be. The trick, as others have discussed, is getting innovation on the cheap. The Western companies pour more private money into products and research that are essentially bets on future success. The Chinese find it more cost effective to wait on a success, then steal it. They innovate in areas where payoff is worth the risk.

"If your nation is ahead of all the other nations in innovation, in technology, you will have strong problems with spying and will need to beef up your counterintelligence. It is not very rewarding to spy very much because you are ahead of everyone else."

Exactly. The US has been in this position for a while. They just didn't really beef up their counterintelligence. Oops.

"Russia was lagging behind us during the Cold War. They were aggressive in commercial spying. They were not so great at it, but it was how they achieved much of their innovation. "

Quite debatable. Russia beat us on a few arms race battles. They have brilliant engineers and scientists over there. They also, like our Project Paperclip, tried to pull in former Nazi scientists to boost their capabilities. To this day, Russia still has excellent war technology output. So, they certainly try to steal data, but they are good at coming up with it too. This hybrid way of doing things is probably the best for any actor on the world stage.

(Note that the US used this model too: it was just called imperialism in the past. 8)

"I am sure that President Obama would not have personally addressed this issue on a trip to China unless the evidence was more hard than "just" countless attacks that have the hallmarks of nation state interests and capabilities on them -- all of which could be forged."

Not quite. Obama is very diplomatic. He realizes that China, through investment & supply chains, has an enormous amount of power over the US economy. But the reverse isn't true. It's funny that US companies and government would allow this to happen over time: we've known China was an enemy or conniving "neutral" for decades.

As for Chinese threat, the government did issue reports in the past on Chinese attempts to steal our nuclear secrets and other data. They categorized the threat as strong. The leaked British Ministry of Defense Security Manual classified China, Russia, and Israel as the top threats in espionage. So, specific attacks in the media are often speculation, but that we have active opponents is entirely true.

"And, like any nation, the stuff we see is just going to be the upper scum of the pond. It is effectively smoke for their more sensitive operations which we do not see. "

Kind of scary to think of what their real secrets are. I figure it leans in the direction of them being the next big superpower and we get squeezed out of resource deals. That's all I can be sure of.

> It's funny that US companies and government would allow this to happen over time: we've known China was an enemy or conniving "neutral" for decades.

First of all,

Who are "we"?

Don't assume that everyone you talk to online is an American, and if you talk to say a Malaysian or someone that is French, they have no real reason to put US foreign policy interests above Chinese.

Second,

multinational company != US company

If you go to any multinational company, you'll find lots of people with different citizenships and ethnicities, and there is no particular reason that someone who is Chinese is going to prefer to steer a company in the direction of US foreign policy.

What keeps a multinational corporation together is the pursuit of profit, and multinationals are making enough from China that they don't want people to overreact. Cyber-spying is not going to bankrupt a company, but a major breakdown in US-China relations will. The two big industries where US companies are insulated from China are newspapers and defense.

For military contracting, it's "us versus them." For anything else, it's hard to say what the relationship is, but it's not "us versus them."

> Kind of scary to think of what their real secrets are.
> I figure it leans in the direction of them being the
> next big superpower and we get squeezed out of
> resource deals. That's all I can be sure of.

I'd bet the big "secrets" are so secret that no one (include the Chinese leaders) know what they are.

Also, one thing that I think that *is* true for China right now is that I don't think that anyone in China wants to rule the world. Take over Taiwan and the South China Sea, yes. Have the same sort of relationship with South East Asia that the US has with Latin America, maybe, but I don't think that anyone in China right now, wants to take over the world, any more than anyone in England or Germany does.

Now things *might* change in fifty years. There wasn't that much interest in the US in 1930 in running the world, but things changed quickly. However, this depends on historical events that no one knows about, and I think what China's intentions will be in 2050 is the big secret that no one knows about.

> The Western companies pour more private money
> into products and research that are essentially bets
> on future success.

And in the process they end up hiring lots of Chinese (and Indians) and then put offices in the Haidian district or in Bangalore. If you hire a bunch of Chinese in China, it's safe to assume that their national loyalties are going to be with China rather than the United States. But since the purpose of the multinational corporation is the borderless pursuit of profit, this usually isn't a problem. If they turn out to be agents for the Chinese government, then you pay them more money since you now have a lobbyist on the inside.

One thing that's funny is that if you mention that your daddy is on the Politburo, you'll have a ton of western companies in line to hire you, especially since you likely have a Harvard MBA and are a US permanent resident or citizen. I'm pretty sure that if a high tech company found out that they had a spy from the PLA, their first reaction would be "Great!!! Can they get us contracts for our products?"

One problem with "us" versus "them" is that it's hard to figure out who "they" are and who "we" are.

Part of the reason that all this obsession with information leaking out the back door is that most companies doing business in China know that information is leaking straight out the front door. Every technical worker that you have has information about your company that they are willing to sell to the highest bidder, and you deal with that by making sure that the highest bidder happens to be you.

> What is the difference between Mossad recruiting
> people from non Israeli countries and sending them
> out to other countries to kill citizens of other countries
> for political reasons, and the likes of Osama Bin
> Laden and AQ doing the same?

Because the Mossad or their agents is not likely to kill me or anyone that I personally know. AQ has vowed to do so.

Tribe matters. In the abstract, all people are equal. In the real world, I'm going to get more emotional when people that I have some emotional attachment with get killed than if it happens to people that I don't know about. This isn't a bad thing. It means that when you have to kill someone, you try to minimize the number of people you kill so that you minimize the number of people that hate you. Mossad does that. AQ doesn't, so the number of people in the Arab and Islamic world that hate AQ is quite high.

Someone growing up in Beijing is going to have different priorities than someone in San Francisco. For that matter if you grow up in NY, you are more likely to be a Yankees fan than one of the Red Sox.

> Sadly rather than act to resolve these issues various nations are just using them as an excuse to set up new faux markets for the "favoured few" who know in turn who to grease to keep that gravy train rolling at high speed.

But this may not be such a bad thing. One thing that I noticed about the rich and well connected is that they travel in the same social circles. Most of the Politburo is trying to get their kids into Harvard and Yale, and I'm willing to bet that Xi Jinping's kids and Obama's kids have much more in common than they have to my kids.

One thing that I have noticed is that there is a "global elite." This may not be a bad thing because they are interested in keeping the gravy train going, and war is bad for that. The fact that the Politburo's kids are American college students, and Obama's brother is currently living in Shenzhen with a Chinese wife should keep people from pushing the button.....

"Don't assume that everyone you talk to online is an American, and if you talk to say a Malaysian or someone that is French, they have no real reason to put US foreign policy interests above Chinese."

No assumptions were made. The "we" in this case means Americans. I'm an American talking about American businessmen and government. I apologize if it was unclear. I also make references to Western countries, mainly the ones China is robbing.

"What keeps a multinational corporation together is the pursuit of profit, and multinationals are making enough from China that they don't want people to overreact. Cyber-spying is not going to bankrupt a company, but a major breakdown in US-China relations will. The two big industries where US companies are insulated from China are newspapers and defense."

Your point is self-contradicting in a way. First, you mention that the multinationals are all about pursuing profit. This is true. The next thing you talk about is how they won't get bankrupted by it. That's irrelevant: they're in it for the profit. If China competes with knockoff products or makes their IP worth less money, the big firms lose plenty of money. And big firms can go bankrupt if they lose too much. So, it should concern them.

That said, my post was mainly focused on American & other Western countries at risk of Chinese attack. The key problem in how this game was played so far is that China looks after their companies and the US doesn't look after theirs. Chinese steal IP for their companies, they've created more secure processors/OS for their companies, and even sometimes sabotage smaller American firms trying to pursue IP litigation.

The US govt, on the other hand, talks a whole lot and does very little. They don't even adequately help our largest economic contributors understand how damaging it is for them over the long term. This causes many businesses that have several low wage countries to choose from for profitable operations to choose China and lose big in ways they might otherwise not have. They also spend more effort trying to spy on their citizens than they do protecting them. This is all to say nothing of the US taking direct action against Chinese economic interests like the Chinese do against us.

So, it's quite a contrast between how China and the US is handling things. The US govt and big business just made everything so easy for them to gain the upper hand piece by piece.

"And in the process they end up hiring lots of Chinese (and Indians) and then put offices in the Haidian district or in Bangalore. If you hire a bunch of Chinese in China, it's safe to assume that their national loyalties are going to be with China rather than the United States. But since the purpose of the multinational corporation is the borderless pursuit of profit, this usually isn't a problem. If they turn out to be agents for the Chinese government, then you pay them more money since you now have a lobbyist on the inside."

The US, esp w/ H1B visas, is known to try to steal talent from other countries. Then, the big companies outsource to increase profit. Certain outsourcers are more loyal to home countries and economies than their clients. There are issues to work out. It's not as simple as we just make lobbyists out of them. Some countries have little corruption and give companies few issues like that. Some have big issues. And why would Chinese firms hold off if the IP is worth millions to billions?

It's better to keep it out of their hands in the first place. That's what good outsourcing and security decisions can accomplish. There are no guarantees. However, there's also no outrageous maximization of profit if one's profit generators are in the hands of the competition.

Here's how this report is new: until there's evidence that China's into mischief, "there will always be room for observers to dismiss APT actions as uncoordinated, solely criminal in nature, or peripheral to larger national security and global economic concerns. We hope that this report will lead to increased understanding and coordinated action in countering APT network breaches."

This report is intended to be solid proof that APT hacks on behalf of Beijing, and people who until now were fearful of insulting the Chinese leadership can finally speak openly about what they've long suspected.

And of course Mandiant's not just releasing this information for fun. Chinese hacking is big business for them. Brad Stone and Michael Riley reported earlier this month for Businessweek that Mandiant's 2012 revenue of more than $100 million represented a 76 percent year-on-year increase. They say they represent 30 percent of the Fortune 100. Mandiant is so dominant in the China-focused counter-espionage game that the New York Times' reporting on the Mandiant report and other sources of information about Chinese hacking had to include an awkward disclaimer...

Not all "innovation" is equal. Many of the people pulling the levers of power consider rounded corners, one-click checkout, and new (but not better) uses for drugs about to come out of patent to be "innovation". Some in Russia considered the process of growing diamond film on cutting tools (actually invented by an American, IIRC) to be innovation, and developed it into an industrial capability. I'd be more concerned about losing that sort of innovation than any number of counterfeit plastic princesses or "almost as good as aspirin" miracle drugs.

I have my doubts about these China big corporation hacks; still, the US is actively trying to spy on China, so maybe it is just some payback. There is no valuable information in Apple, not where a country's security is concerned, so why would China hack Apple in the first place?

There is no valuable information in Apple, not where a country's security is concerned, so why would China hack Apple in the first place

It's not the value of information at Apple that is at stake, it's the value of the information put on Apple products by Apple customers that's at stake.

It's the reason RSA got cracked and why quite a few CAs got the works as well.

Look at it another way, what is the point of spending a considerable period of time finding a second zero day attack, when you can use your first to put your own special backdoor into an OS or Application that everybody uses?

I would be looking to get at the developer code repository for the likes of MS Word, Adobe PDF reader etc, to give me what I want with the minimum of fuss and bother...

@Clive Robinson
You might very well regret that Rupert Murdoch is alive, call him names, and rue the fact that he owns any news outlets, but he has nothing to do with The Register or the headline mentioned by Nick P.

In regards to the Koreas, I believe the US would welcome any reunification between the North and South, like they welcomed the reunification of East and West Germany. Citing the US as the one causing provocations on the Korean peninsula is glossing over a heck of a lot of history since 1953.

> That's irrelevant: they're in it for the profit. If China competes with knockoff products or makes their IP worth less money, the big firms lose plenty of money. And big firms can go bankrupt if they lose too much. So, it should concern them.

Ironically, one reliable source of income for software companies is the Chinese government and Chinese state-owned enterprises. It's effectively impossible to prevent consumer pirating of business software, however software companies can effectively prevent pirating by government agencies and state owned enterprises. One thing about government agencies and SOE's is that they are loaded with cash so paying for licenses isn't a problem, and it's cheaper and easier than the alternatives.

The other thing is that there are business models that depend on Chinese knockoffs. For example cheap Chinese cell phones run Android. Google isn't making much ad revenue in China, but these phones get sold to Africa and South Asia.

> Chinese steal IP for their companies, they've created more secure processors/OS for their companies, and even sometimes sabotage smaller American firms trying to pursue IP litigation.

I don't think that hacking is the main way that the Chinese government is getting intellectual know-how. For example, suppose the PLA got the plans for the Boeing 787. Totally useless, since China doesn't have the technical ability to create a duplicate. Now if you send 100,000 Chinese students to the US, and then have Boeing create a joint venture in China to manufacture parts for the 787, then in 20-30 years, China will have the know-how.

People are missing the big game.

> And why would Chinese firms hold off if the IP is worth millions to billions?

Because IP doesn't work like gold bricks. Blueprints for the 787 are useless if you don't have the technical ability to take advantage of it, and if you do have the skills then you don't need the blueprints.

> It's better to keep it out of their hands in the first place. That's what good outsourcing and security decisions can accomplish

If you hire anyone in China they are going to learn about business processes and they are going to improve their technology ability. Unless you can do a brain wipe, you are not going to be able to keep them from starting their own companies with the skills you've taught them.

> The US govt, on the other hand, talks a whole lot and does very little. They don't even adequately help our largest economic contributors understand how damaging it is for them over the long term.

The trouble is that it's *not* damaging profits in the long term. Take General Motors. They are putting a lot of effort into plants in China because Buick happens to be a car that Chinese officials like to drive.

The thing about multinational corporations is that outside of a few industries like defense, MNC's really have no nationality and no loyalty except to profit.

> This causes many businesses that have several low wage countries to choose from for profitable operations to choose China and lose big in ways they might otherwise not have.

China has this unique combination of third world wages and first world infrastructure.

If you really are concerned about security, the first thing you have to do is to move away from the "you are going to lose money in the end if you put resources in China" since that has no credibility at all with most high technology companies. The general attitude is that China in the end is going to get the know-how eventually from someone, and you can make a handsome amount of money now, being the company that gives it to them.

Also, China vs. the West doesn't work either. Are the Koreans or Indonesians or Vietnamese Western?

It's interesting that people keep using Cold War analogies when it's a different game. The US and Soviet economies were never as linked as the US and Chinese economies, and there's no global ideological war.

Blame China
I guess there is a lot of Cold War Propaganda people can use just by exchanging the words "Russia"/"The Communists" with "China".

Since the original Cold War ended isn't it nice to have a new enemy to blame for everything: even the ill-maintained US infrastructure that crumbles as we speak.

But sadly the new Enemy #1 happens to own a trillion dollars' worth of US debt and produces nearly everything sold in the Western World, but rest assured, the Propaganda Ministry already works on a cleverly formulated flyer with big letters!

You might very well regret that Rupert Murdoch is alive,... ...but he has nothing to do with The Register or the headline mentioned by Nick P

Read Nick P's second paragraph about news outlets then view my comment with respect to that.

With regards to,

In regards to the Koreas, I believe the US would welcome any reunification between the North and South, like they welcomed the reunification of East and West Germany. Citing the US as the one causing provocations on the Korean peninsula is glossing over a heck of a lot of history since 1953

I'm sure the US would like a reunification BUT on US terms not the Koreans or Chinese terms.

And you only have to see the mess that follows every time the US tries to do that in the past few years in other parts of the world (Think Somalia, the "free and fair elections" where Hamas got voted in, Iraq, and then there is Arab Spring etc etc). The reason German reunification worked was threefold: firstly it was obvious to all that the East German Government could no longer govern and that Russia and the surrounding countries were not going to support them, secondly that the US was pretty much kept out of it by the EU and thirdly the other "occupying powers" could no longer afford to keep dumping huge sums of money into the German economy via their occupying forces spending. I was in Germany for the early parts of the reunification and I can tell you the people who were least scared by it were the Germans themselves, the main concern they had was the way the currency union had been pegged.

But getting back to Korea there are a rather large number of US military personnel stationed in South Korea and other locations nearby, who the US have no intention of withdrawing. They have very actively instigated / participated in war games along the disputed border with the North and around the North's coastal region and arguably encroached into the North's territorial waters, which has provoked thankfully only a minimal response from the North.

But if you look back across the 60 years, you will find almost countless cases of provocation from the South towards the North by or with US backing.

Much if not most of this military action involving the US is "politically" aimed not at North Korea, it's actually mainly aimed at provoking China. As are the US activities in Taiwan and surrounding areas. Which has (allegedly) caused China to send out Subs and Divers to cut under sea telephone/data cables and one or two other retaliatory actions such as major Chinese War Games.

Prior to the outgoing South Korean Premier, there were serious attempts to start the re-unification process by both the South and the North. If you talk to South Koreans who were there and lived through it you get to find out that the US insisted on being involved and would make promises of basic economic assistance to the North that were conditional... But when the North complied the US would not deliver on the promises and the aid was not delivered. Thus North Korea insisted that the US no longer be involved and restarted their former activities...

So make of it what you will but I would say that the US has been heavily involved with causing problems between the North and the South, not because they are particularly interested in Korea but as a continuance of the "Proxy War" between the US and China. And if history is anything to go by the US won't stop until they no longer see China as a threat, which unlike Russia is very unlikely to happen in the next life time or two.

As I've said on a number of occasions in the past China takes the long-term view and the US and most of the West take a very very short term view. Thus China is most likely to come out well ahead in any race between the US/West and China. And if you had not noticed a big chunk of the West is now called the European Union and whilst it's in a financial and political mess currently (due to insufficient integration and to rapid expansion) its interests in and dependence on the US are significantly waning, instead it's facing Eastwards and is encroaching on Russia's doorstep (which is causing Russia to get nervous). Which leaves the UK in an interesting position being in the far west of Europe in a different time zone with little or no natural resources and more politically aligned with the US and thus regarded with suspicion by many EU countries...

US global power is diminishing and it is soon going to run into its own significant financial difficulties. The US dollar is still the world trading currency just, because of this it has conferred certain economic advantages on the US. But you need to consider what would happen if either the European or Chinese currency became a more than significant contender as a major trading currency. As one economist put it unless the US sorts itself out before then it's looking at second or third world status. Which whilst it might sound astonishing is by the way, what is currently happening to one or two southern EU countries.

I don't have crystal balls to gaze into so I can't tell the future by magic, but I can over the short term make some predictions based on past history and thus I can say we in the West are really going to find out the meaning of the ancient Chinese curse of "May you live in interesting times".

"How can that be?
“Mr President, our Germans are better than their Germans” -- The right stuff"

Our Germans got us to the moon first. :)

@ joequant

Nice replies. I'm exiting our tangent now. I think we got our views across clearly enough for readers to both enjoy reading them and come up with their own opinions. Any further discussion/debate would likely rehash similar arguments or turn into flames.

Nice find. It goes to what many of us have discussed on this blog before. Namely, the IP addresses or initial servers don't really convey identity in cyberspace. That takes quite a bit more work. And there's quite a few groups of bad guys out there. As for this story, I see several possibilities.

The first is their claim: Eastern European criminals. Other news articles, including one in yours, have covered the extensive amount of computer crime that happens over there. It starts to get more obvious when you have rural towns with a growing number of luxury vehicles, Armani suits, etc. And internet cafes. ;)

So, did they do it? The evidence is that an Eastern European computer was involved and the trojan is used by cybercriminals. Considering how malware markets work, the latter might prove nothing. Also, botnets, proxies, and C&C's use computers in all kinds of countries. So, the Ukrainian system might indicate they're using one near home (identifying them) or it might be incidental. One thing I've noticed about the Eastern European groups is that they're quite practical: they usually hack stuff that they can turn into cash. There have been exceptions, but this is the rule.

I think it's a decent possibility that it's Eastern European cybercrooks. The reason is that iTunes, Twitter and Facebook accounts are routinely traded on black markets. They have value to underground hackers. These hackers usually try to use malware and social engineering to steal them. Now, some hackers are hitting the companies themselves. It's reminiscent of how CC hackers went from trying to collect one per user with malware to hitting entire databases. It's possible that the Eastern European attackers are maturing.

Good ol' Chi-coms. Whether they spy or not is not the point of this propaganda meme flogged in our media. The point is to justify repression of whistle blower hackers (Assange, Hammond, Swartz, Manning, Appelbaum and many more), boost defense spending by weaponizing hacking and justify using those weapons first, (Stuxnet).

Does China or any other country spy? I am shocked, shocked to find this is true. And we are first among the spies.

Are we being manipulated in the media by the military-industrial groups including mercenary security corporations? Yes. Look at the source of this NYT spiel, a merc sec corp. A decade ago it was the NYT and Curveball, from that we got an Iraq invasion.

Being manipulated over and over gets old. There is a history of "China spy" stories all the way back to Wen Ho Lee, the Manchurian Candidate and brain washing from the Korean War. They trot spy stories out every year. And Bruce puts it in his blog every f'ing time like it is something we have never seen before. Well, we have seen it before. If Bruce had any analysis and facts about what triggered this meme at this time the story might be interesting. Cui bono Bruce-o? As it is currently presented it is a stupid story.

as you say: Cui bono?
We all can see who this is meant to demonize but who benefits, that's a much more interesting and revealing question. Unfortunately you don't want to ask too many revealing questions because that's un-American.

@clive
"What is the difference between Mossad recruiting people from non Israeli countries and sending them out to other countries to kill citizens of other countries for political reasons, and the likes of Osama Bin Laden and AQ doing the same?"
The difference is this: Mossad is doing it surgically, eliminating high level individuals whose agenda is wiping out Israel while what OBL&co has done is quite the opposite from all the viewpoints.
And please quit lecturing about how US is stuck in 50s mindset regarding China. I've been living on the other side (that was Orwellian for good) and I can tell you all the "paranoia" regarding USSR was healthy.
As an individual, I have no reason to believe China is seeing US as anything else than a temporarily necessary evil.

There is no difference in the actions of the Israeli war machine and AQ.
But I see a difference in the consequences, accountability, PR, financing, chain of command.

The Israeli terror machine takes its orders from a democratically elected government. They are accountable to the justice system in some small way. When their actions are made public you can point a finger at someone. You can call in their ambassador to have a stern talk. You can revoke their visas, business licences, revoke trade agreements and even sue in international court for war crimes.
In return, their operatives enjoy the protection and resources of a state. There is someone to advocate for you (like J. Pollard) and make sure you are not mistreated by the jailing country. Prisoner swaps are possible. Backroom deals can be made for you.

AQ do not take orders from elected officials. They are not accountable to oversight of a justice department. They choose their own targets without discrimination. There is no one to hold accountable in international court.
In return, UBL was not tried in an open court of law, any law. The people held in Camp-Echo did not get fair trials or due process. This is deemed legitimate.

The Israeli assassination squads are different because they have the modern equivalent of "Letters of Marque" ("Marque and Reprisal Act of 2001" - was not enacted into law in the US) and in this analogy AQ would be the Pirates

There is another troubling thought. The US, UK, Germany, China, Japan, India and North Korea act much in the same way. If we take the action against UBL on face value we can equate the US Navy operatives to Israeli murderers (and even though I am at heart a combat pragmatist...) That just does not sit right with me.

The differences in action between nation-states (like Israel's) and terrorist organizations (like AQ's) might at times appear to be marginal, but in the international sphere a nation-state's power and influence trumps an AQ's, because according to conventional definitions of terrorism (pre-Bush-2003-Iraq-invasion-rhetoric), nation-states can't do terrorism. Period.

That is, terrorism is defined as such by nation-states themselves to differentiate their behavior from an AQ's behavior, as a matter of expedience.

Now, whether the behavior of a particular nation-state, in any particular example, is terrorist-like, is another question entirely. But never forget that the term "terrorist" is a term of political expedience, defined by nation-states toward non-nation-state organizations.

Is the crux of the matter for most people only they try and avoid thinking about it.

As I originally asked people to consider and you further qualified with,

There is no difference in the actions of the Israel war machine and AQ.

If you remove the political element then the actions are simply that of the criminal charges of conspiracy and murder. And further if the reasons for the crimes being committed was valid which in and of itself is likewise political.

Thus it's the politics of the issue which count and where we need to think the most about what is done in our name by others, and eventually how others judge us, not as individuals but as one of an entire nation of "Joe Averages".

As known individuals nearly all humans are difficult to hate with vengeance, as unknown members of a faceless mass vengeful hate is all too easy. Because it is not a person but a manufactured image, for which we feel no sorrow, guilt or compassion and don't question our thoughts.

The result of course is each side manufactures with rhetoric the image of those they chose to call an enemy and imbue them with certain characteristics which are usually false but which encourage feelings of mistrust and eventually unreasoned hatred. Such feelings are often driven by feelings of impotence that turn to desires for righteous vengeance that are based on almost entirely false images. Such is the power of propaganda.

Whilst it can be relatively easy to build up these images it can also be extremely difficult to pull them down. They develop a life of their own and go on in people's minds and get passed on from adult to child long long after they have served their purpose.

As we know such feuds can go on for centuries getting stronger with each generation not just in remote places but close to home as well. In the UK for instance we still have such divisions in Northern Ireland, but for those that care to look there are similar issues in Scotland, and in England, and in Wales.

In essence we are still under the skin mainly tribal and we view "me and mine" above others, for what once were sound genetic reasons.

The fact that you can say,

But I see a difference in the consequences accountability, PR, financing, chain of command

Shows that you can think on the problem in a more abstract way and importantly realise that there are consequences for such actions.

Many however can not, or chose not to, or worse actually plan to gain advantage by people thinking not of individual people but of manufactured images. Currently we see various nations, cultures and religions being "demonized" by those with political agendas.

We should ask why we don't hold such people to account, but most of us chose not to. Not as a deliberate choice, but mainly we don't know there is a choice, or because we cannot see how to exercise that choice. Eventually we lose the choice as it is taken away from us.

We who live in representational democracies are encouraged to believe we have choice by the ballot box. Few people turn around and actually think about the process and the reality of the lack of choice we are presented with. Even fewer people want to face up to the fact that the choice is actually controlled by people we don't vote for who control the funding and exposure politicians need to become elected.

Does it matter if you call it a plutocracy or puppet government, and are its actions really that much different to various forms of dictatorship?

The reality is not really, and that is a problem because we can see from history that dictatorships usually end in only one way with bloodshed and war be it civil or imposed from outside.

Many of the places these terrorists come from are dictatorships in one way or another, they view themselves not as terrorists but freedom fighters etc, who are seeking to change the political structure of the places they come from. The advantage they have today is technology they can use it in various ways to put pressure on the dictators. OBL was fairly clear about his aims and objectives which essentially boiled down to wishing to stop the US supporting the dictators in the middle east specifically the house of Saud. Although he failed in that objective he certainly achieved others, whether he intended to or not, one of which is for US citizens to start feeling what it is like to live in a police state.

So arguably a political change has been brought by OBL and AQ and this in turn has enabled others to start the political change process.

Which gives rise to the unsettling feeling that even in a representational democracy significant political change is possible by undemocratic means, arguably faster and more effectively than by democratic means. Worse that beyond a certain point even assassination will not put the genie back in the bottle. Which then raises the question of did assassinating OBL actually achieve anything other than revenge?

The argument Israel has worked on in the past is preemptive action. That is you remove a problem before it becomes a problem. But when you are talking of assassination preemption is a very very weak justification for the crimes of conspiracy and murder and it does not sit well with the ideas of justice which is supposedly the bedrock of all nation states.

As you note many nations either do or have carried out extra judicial executions. Russia and Israel appear to be at or close to the top of the list, both of whom have carried out what is referred to as State Sponsored terrorism.

However two things appear to arise: firstly it does not appear to be even remotely effective. Secondly you don't see sanctions or handing over of people for their actions. Which calls into question the notion of international justice, in that some countries are exempt from it whilst others are not.

This is obviously ripe fodder for propaganda for these nations' supposed enemies. As we have seen, it actually creates considerably more problems than it solves.

Several thousand years ago a Chinese writer on state craft emphasised that to defeat an enemy it was essential to first know them. Oddly perhaps the way to stop conflict and feuds is the same, by the opposing sides getting to know each other.

We have found that giving people democracy produces apparently unexpected results. In the case of Hamas it was entirely predictable by those who saw the voters as individual people and had come to know them. But entirely unexpected by those to whom the manufactured image was all they knew. Likewise the problems of Iraq and Afghanistan.

Slowly a decade or so late the realisation is occurring that to get political change on the ground means getting to know the people and that includes the supposed enemy. Much as it sticks in the throat, Hamas, Hezbollah and the other groups have a place in the political future of these places.

The question then becomes how do you stop these places becoming dictatorships again. The answer is not easy but one thing we have found out is people with nothing to lose have everything to gain by attacking us. Perhaps giving them something such as a future and the opportunity to coexist not just peacefully but equally would give them not just something to lose but little or nothing to gain by attacking us. And that they get to sort out their differences amongst themselves and vote for their future whatever it might be.

History actually tells us, that as far as the middle east is concerned one of the most peaceful and prosperous periods in time where coexistence was the norm was actually prior to the crusades. Whilst I would not recommend we return to the past there may be lessons we can learn from it.

But never forget that the term "terrorist" is a term of political expedience, defined by nation-states toward non nation-state organizations

The history behind the word "terrorist" is somewhat odd in that originally it applied to the agents of nation states, not towards non nation-state persons and organisations.

The simple fact of nation-states renaming actions to suit the cut of their cloth does not change the actuality of the actions they and others carry out. And it is the actions themselves that cause direct harm not the words that various people might use at any point in time. And it is the direct harm that goes on to cause feuds that encourage further direct harm and so the situation spirals forever downwards.

but...As known individuals nearly all humans are difficult to hate with vengeance, as unknown members of a faceless mass vengeful hate is all too easy. Because it is not a person but a manufactured image, for which we feel no sorrow, guilt or compassion and don't question our thoughts.

I want to believe that is true. I want to say that as individuals we are all special and deserve respect. But then, the pragmatism kicks in.
Dubrovka theater 2002, the Spetz' changed the dynamic of the region.
Aziz Salha was arrested, tried in court, jailed and then released in a prisoner exchange. Politicking aside. He breathes free air. I want to criticize the Israeli meat grinder but on this one, I am impressed by the restraint and the appearance of the rule of law.

All in all we see eye to eye here, I think.

Back to security and state sponsored hacking. A hit squad sent to eliminate a person is not the same as a hit squad writing code. Stuxnet even if it is state sponsored is not targeted at killing people only machines. Sabotage is different than murder?

Disclaimer: I fail to notice many things. I make wild assumptions almost all the time and in general everything I think is warped by some bias.

In this case the machines in question were controllers for industrial equipment and no damage was done to human operators (if you believe reports). In general, when machines run amok humans should not be harmed. I did some searching and found a concept called FMEA. The short version is that a well designed system will cause the least amount of damage when it fails.

Bringing this concept back to security and Stuxnet: the computer virus would not have had any effect if the system was designed to not accept commands that contradict correct operation. You can also implement oversight on the output signal or any other industry standard to verify a process.